65.49.20.124 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: The Shadow Server Foundation

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
proxy	VPN fraud	2023-04-03 13:08:01
attack	SSH break in attempt ...	2020-08-11 12:58:25
attackbotsspam	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2019-12-15 03:05:02

Comments on same subnet:

IP	Type	Details	Datetime
65.49.20.78	botsattack	Compromised IP	2025-01-28 22:48:38
65.49.20.67	botsattackproxy	Redis bot	2024-04-23 21:05:33
65.49.20.118	attackproxy	VPN fraud	2023-06-12 13:45:52
65.49.20.110	proxy	VPN fraud	2023-06-06 12:43:08
65.49.20.101	proxy	VPN fraud	2023-06-01 16:00:58
65.49.20.107	proxy	VPN fraud	2023-05-29 12:59:34
65.49.20.100	proxy	VPN fraud	2023-05-22 12:53:45
65.49.20.114	proxy	VPN fraud	2023-04-07 13:32:29
65.49.20.105	proxy	VPN fraud	2023-03-16 13:52:13
65.49.20.123	proxy	VPN fraud	2023-03-09 14:09:02
65.49.20.90	proxy	VPN scan	2023-02-20 14:00:04
65.49.20.119	proxy	VPN fraud	2023-02-14 20:08:26
65.49.20.106	proxy	Brute force VPN	2023-02-08 14:01:13
65.49.20.77	proxy	VPN	2023-02-06 13:57:51
65.49.20.81	proxy	VPN	2022-12-27 13:51:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 65.49.20.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16096
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;65.49.20.124.			IN	A

;; AUTHORITY SECTION:
.			558	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121401 1800 900 604800 86400

;; Query time: 114 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 15 03:04:58 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 124.20.49.65.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 124.20.49.65.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.28.38.21	attackspam	Attacks websites by trying to access known vulnerables of plugins, brute-force of backends or probing of administrative tools	2019-09-25 22:55:21
218.16.123.2	attackbots	445/tcp 445/tcp 445/tcp... [2019-08-31/09-25]7pkt,1pt.(tcp)	2019-09-25 22:46:52
103.232.120.109	attackbots	2019-09-25T12:55:06.856806abusebot-8.cloudsearch.cf sshd\[28101\]: Invalid user barend from 103.232.120.109 port 59024	2019-09-25 22:25:52
168.232.14.6	attack	23/tcp 23/tcp [2019-09-06/25]2pkt	2019-09-25 22:31:49
218.92.0.156	attack	Sep 25 15:39:29 piServer sshd[22796]: Failed password for root from 218.92.0.156 port 10746 ssh2 Sep 25 15:39:32 piServer sshd[22796]: Failed password for root from 218.92.0.156 port 10746 ssh2 Sep 25 15:39:35 piServer sshd[22796]: Failed password for root from 218.92.0.156 port 10746 ssh2 Sep 25 15:39:38 piServer sshd[22796]: Failed password for root from 218.92.0.156 port 10746 ssh2 ...	2019-09-25 22:30:36
46.23.155.242	attackspam	445/tcp 445/tcp 445/tcp... [2019-07-30/09-25]18pkt,1pt.(tcp)	2019-09-25 22:56:19
82.62.170.205	attackbotsspam	Sep 25 17:22:38 www4 sshd\[43121\]: Invalid user ghost from 82.62.170.205 Sep 25 17:22:38 www4 sshd\[43121\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.62.170.205 Sep 25 17:22:40 www4 sshd\[43121\]: Failed password for invalid user ghost from 82.62.170.205 port 41820 ssh2 ...	2019-09-25 22:30:56
2607:5300:61:bd9::107	attack	Attack, like DDOS, Brute-Force, Port Scan, Hack, etc.	2019-09-25 22:42:11
113.199.40.202	attackspam	Sep 25 16:50:02 dedicated sshd[27601]: Invalid user marketing from 113.199.40.202 port 59724	2019-09-25 23:05:05
60.251.217.192	attack	Sep 25 16:01:16 dev0-dcde-rnet sshd[9638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.251.217.192 Sep 25 16:01:18 dev0-dcde-rnet sshd[9638]: Failed password for invalid user ts5 from 60.251.217.192 port 51526 ssh2 Sep 25 16:07:31 dev0-dcde-rnet sshd[9669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.251.217.192	2019-09-25 22:36:18
144.76.176.171	attackspambots	20 attempts against mh-misbehave-ban on comet.magehost.pro	2019-09-25 22:37:01
3.17.187.194	attackbots	Sep 25 15:41:02 microserver sshd[44484]: Invalid user 4 from 3.17.187.194 port 43842 Sep 25 15:41:02 microserver sshd[44484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.17.187.194 Sep 25 15:41:04 microserver sshd[44484]: Failed password for invalid user 4 from 3.17.187.194 port 43842 ssh2 Sep 25 15:45:30 microserver sshd[45085]: Invalid user cathy from 3.17.187.194 port 57466 Sep 25 15:45:30 microserver sshd[45085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.17.187.194 Sep 25 15:58:53 microserver sshd[46527]: Invalid user 123456 from 3.17.187.194 port 41890 Sep 25 15:58:53 microserver sshd[46527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.17.187.194 Sep 25 15:58:55 microserver sshd[46527]: Failed password for invalid user 123456 from 3.17.187.194 port 41890 ssh2 Sep 25 16:03:32 microserver sshd[47172]: Invalid user nao from 3.17.187.194 port 55514 Sep 25 16:03:32 micros	2019-09-25 22:50:18
164.177.42.33	attackbots	Sep 25 15:42:20 mail sshd[21856]: Invalid user alutus from 164.177.42.33 Sep 25 15:42:20 mail sshd[21856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.177.42.33 Sep 25 15:42:20 mail sshd[21856]: Invalid user alutus from 164.177.42.33 Sep 25 15:42:22 mail sshd[21856]: Failed password for invalid user alutus from 164.177.42.33 port 48289 ssh2 Sep 25 16:02:53 mail sshd[24410]: Invalid user xxl from 164.177.42.33 ...	2019-09-25 22:44:49
220.130.233.29	attackbots	445/tcp 445/tcp 445/tcp... [2019-08-03/09-25]4pkt,1pt.(tcp)	2019-09-25 22:38:01
2.178.33.139	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/2.178.33.139/ IR - 1H : (255) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IR NAME ASN : ASN12880 IP : 2.178.33.139 CIDR : 2.178.0.0/16 PREFIX COUNT : 276 UNIQUE IP COUNT : 1035264 WYKRYTE ATAKI Z ASN12880 : 1H - 2 3H - 2 6H - 7 12H - 20 24H - 49 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-09-25 22:39:10

Recently Reported IPs

105.34.89.86	41.30.46.176	31.181.202.77	65.234.242.42
69.93.93.3	64.199.232.129	194.28.86.219	57.39.52.13
14.226.152.234	233.241.165.165	156.205.208.30	149.56.28.2
228.90.203.47	68.92.2.42	118.92.113.198	47.140.198.17
96.216.17.94	225.220.213.136	253.83.41.110	184.163.136.153